Resolving Domains Internally And Externally With Bind9 And Caching Nameserver
Author: Nayyar Ahmad
Contact: nayyares *AT* gmail *DOT* com
Dedication: To my pets, boby and tavi.
Preface:
Sometimes we need to resolve our internal domains on a local nameserver and external (Internet) domains through the ISP's nameserver. There are different solutions to this problem, but in this howto we are going to solve it by configuring a combination of caching-nameserver and BIND 9.
Theory Behind Caching-Nameserver and BIND 9:
A caching nameserver is a type of nameserver that resolves web addresses (domain names) through its next or master DNS and keeps those entries in its cache. After the first resolution it answers DNS queries locally, until the entry's TTL (Time To Live) expires.
BIND 9 is used to answer domain resolution queries from its own database, as it is the SOA (Start Of Authority).
So now it is clear that in our setup the caching-nameserver will be used to resolve domain names externally (Internet), while BIND 9 will be used to resolve domain names from our local network (internally).
Now that we have the caching-nameserver and BIND 9 hammer in our hands, let's start fixing it. :)
1. Installing caching nameserver / BIND 9:
The simplest method to install all required packages for this howto is:
$ yum install caching-nameserver 'bind*'
The same goes for apt-based systems. If you don't have yum or apt configured, you can install the following packages from your distribution CDs. I am not mentioning package versions, as they depend on your distribution.
Required Packages: bind, bind-chroot, bind-utils, bind-libs, caching-nameserver
After installing these packages, we have to check whether all required packages are installed. To do so, use the following commands:
$ rpm -qa 'bind*'
$ rpm -qa caching-nameserver
The above commands work only if you are on an RPM-based Linux distro; otherwise check using your own distro's method. If you can see all the packages mentioned, you are about to hit your nameserver with the BIND hammer. :)
2. Editing named.conf:
First of all we have to register our domain name with BIND. For this we will edit named.conf; open it:
$ vi /etc/named.conf
Now type the following lines:
zone "cbtcandy.org" IN {
    type master;
    file "cbtcandy.org.zone";
    allow-update { none; };
};
You should replace cbtcandy.org with your own domain name.
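A check to run on the edited named.conf before starting the daemon, given here as an added example that is not part of the original howto: it runs BIND's named-checkconf when that tool is installed and lists any zone whose allow-update is not none. The function names and the second sample zone (lab.example) are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original howto.

# Constructed sample: the howto's zone plus a hypothetical misconfigured one.
sample_conf() {
    cat <<'EOF'
zone "cbtcandy.org" IN {
    type master;
    file "cbtcandy.org.zone";
    allow-update { none; };
};
zone "lab.example" IN {        // hypothetical zone, not from the howto
    type master;
    file "lab.example.zone";
    allow-update { any; };
};
EOF
}

# list_updatable_zones [FILE]: print "<zone> <acl>" for every zone whose
# allow-update is anything other than none; exit status 1 if any is found.
# Zones with no allow-update line are skipped: BIND denies updates by default.
# Assumes allow-update sits on one line, as in the howto's stanza.
list_updatable_zones() {
    awk '
        { sub(/(#|\/\/).*/, "") }                 # drop line comments
        /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2] }
        zone != "" && /allow-update[ \t]*\{/ {
            acl = $0
            sub(/.*allow-update[ \t]*\{[ \t]*/, "", acl)
            sub(/[ \t]*\}.*/, "", acl)            # cut at the closing brace
            gsub(/[ \t]*;[ \t]*/, " ", acl); sub(/ $/, "", acl)
            if (acl != "none") { print zone, acl; bad = 1 }
        }
        /^[ \t]*\};/ { zone = "" }                # end of the zone stanza
        END { exit bad }
    ' "${1:--}"
}

# check_named_conf FILE: syntax check with named-checkconf (shipped with
# BIND) when it is installed, then the allow-update audit.
check_named_conf() {
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$1" || return 2
    fi
    list_updatable_zones "$1"
}

sample_conf | list_updatable_zones || echo "zones above accept dynamic updates"
```

On a real system, call check_named_conf /etc/named.conf; a non-zero status means either a syntax error (2) or a zone that accepts dynamic updates (1).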
3. Starting Bind Daemon:
You can start the BIND daemon/service to check whether your named.conf is written correctly. This can be done by different methods; I will state two of them:
For RedHat, CentOS, Fedora type systems, give the following command:
$ service named start
For Suse, Debian type systems:
$ /etc/rc.d/rc.bind start
If the BIND daemon starts successfully, we are halfway done.
4. Setting the BIND Daemon to Start On Boot:
The following command will work perfectly on RedHat, CentOS, Fedora, but I am not sure about other distros, so you had better find its equivalent.
$ chkconfig --level 35 named on